"The more I have learned about the system, the worse it has gotten," Appelbaum said. "Even if they turn Haystack off, if people try to use it, it still presents a risk.... It would be possible for an adversary to specifically pinpoint individual users of Haystack."

Giving the increasing levels of criticism, Heap has announced that the program has been shut down, but others have noted that, not only is it still available, but people are using it without Heap realizing it -- which could be quite dangerous if people think it's safe. The more you read, the more this project sounds like pure hype from the beginning and a total mess in reality. Just take the following resignation letter from the program's chief developer who, according to Wired, had recently taken a "hiatus" over questions about the way the program was being developed and pushed:

I would like to stress that I am not resigning in shame over the
much-maligned test program. It is as bad as Appelbaum makes it out to
be. But I maintain that it was a diagnostic tool never intended for
dissemination, never mind hype. I did have a solid, reasonable design,
and described it in our brief overture of transparency. _That_ is what
Haystack would have been. It would have worked!

What I am resigning over is the inability of my organization to
operate effectively, maturely, and responsibly. We have been
disgraced. I am resigning over dismissing pointed criticism as
nonsense. I am resigning over hype trumping security. I am resigning
over being misled, and over others being misled in my name.

The whole thing is a complete mess, and it sounds like a situation where some folks were more interested in getting press attention for a very early prototype, which they then pretended was a complete and legitimate product. If you're making a random blogging tool or some web 2.0 service, that's fine. When you're trying to make something that people will rely on so that their government doesn't lock them up and throw away the key, it's not.

There is, of course, plenty of blame to go around here, for the lack of more detailed scrutiny from the press and others, but the really stunning part, of course, is that the US State Department specifically endorsed this product. As Evgeny Morozov notes in his blog post (first link above), that's the true head scratcher:

Just to make it clear: Haystack is not at fault here; the State Department -- I am not so sure. Austin Heap can make whatever statements he likes; the government, however, is supposed to treat such statements with due skepticism and think through the political implications of their endorsement of any technologies. All this fast-tracking stuff would surely reflect bad on the State Department if after an independent security review it does turn out that Haystack has severe security flaws, which its testers -- or other Iranian uses -- may not have been aware of.

And why did Clinton choose to speak about Haystack and not say Tor or any other tool? Also, not very clear. Were the diplomats charmed by all the buzz around Haystack in the media? Possibly. That said, it would be very good to know whether the State Department did ANY analysis/testing of Haystack's claimed capabilities, thought through how well it could scale in Iran, and whether they may be hurting its users in Iran -- current and future ones -- by lining up behind them. Were these questions asked and answered?

Things that smell bad usually are

I was interested when I first heard about Haystack. I was interested in helping. But it didn't take long to curb my enthusiasm. Reading the web site, it just didn't look like the people running Haystack knew what they were doing. The final straw for me was only distributing the software to people they trusted. It is ridiculous to think that this was really keeping the software out of government hands, and anyone who knows anything about security knows that security through obscurity does not work very well in serious applications. My thought at the time was that the real reason might be that they didn't want scrutiny of their product. It turns out that may not have been too far from the truth.

I don't know why this reminds me of the guy who was caught trying to rob a bank and when showed the security video was flabbergasted and exclaimed "But I used the s%&$, how could they see me?!"(the s%&$ was lime juice).

"Just to make it clear: Haystack is not at fault here; the State Department -- I am not so sure. Austin Heap can make whatever statements he likes"... So, it's not Austin Heap's fault that he chatted up Haystack as the best thing ever, when it clearly was not? And it's not Heap's fault that he helped to lead the State Department believe that Haystack was secure?

"the true head scratcher:"

It's *entirely* consistent with the obvious intent of US and Israel to attack Iran (on pretext of a non-existent nuclear weapons program) that Clinton and US State Department would endorse this program. It's difficult to come up with any other possible reason why it got to Clinton's level. As to its security: they don't care beans about actual results for Iranian dissidents; they're as expendable as any other pawns.

If you don't wise up to obvious machinations, you'll scratch your head bald.